Brute Force & password recovery tools

There are an immense number of tools for Brute force and password recovery that have been created to help security specialist in pentesting and evaluate application and system password level security.

Let’s start with Brutus AET2, from 2000 there were no update for this tool. But this tool appears as one of the fastest and the most modern tool for internet protocols brute forcing. If you need to test passwords for HTTP (website that uses authentication with Login and password) like forums, emails account, file and telnet servers Brutus are the good decision.

For working with this tool you just add the target IP address and service port, select the protocol and number of threads desired (Max 60) and timeout if you are also looking to hide yourself during the operation you can use Socks or proxy.

This tool uses the dictionary attack or by defining a word list file. If you will use the word list you just can add some words that you doubt the administrator can use so it is a universal tool for HTTP, FTP, POP3 and Telnet.

L0phtcrack this is used for auditing windows system password you can find more about their latest release LC6. L0phtcrack is not free anymore while you can replace it with Pwdump in which you can get the same result.

THC-Hydra is the ideal tool for cracking authentication this tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. This all plus that it supports more than 30 protocol among them TELNET, FTP, HTTP-GET, HTTP-HEAD, HTTPS-GET, HTTP-HEAD, HTTP-PROXY, VNC, POP3, IMAP,NNTP, ICQ, SAP/R3, Cisco auth, Cisco enable, SMTP-AUTH, SSH2, SNMP, Cisco AAA.
You can find this tool in the Backtrack Live CD.

Now a day many application uses some restriction for the login attempts, so after several attempts failure your IP will be banned, TSGrinder is the first production Terminal Server brute force tool the most interesting in TSGrinder that you can specify how many times to try a username/password combination within a particular connection and if you are using a proxy that will change your IP each connection after sometime you can pass the authentication phase.

It is important to note that all programs are used just for educational purposes.